MidnightBSD

Advisories for email::address_module_project

CVE-2014-0477 MEDIUM

The parse function in Email::Address module before 1.905 for Perl uses an inefficient regular expression, which allows remote attackers to cause a denial of service (CPU consumption) via an empty quoted string in an RFC 2822 address.

CVSS 2.0

Severity: MEDIUM

Problem Type: NVD-CWE-Other,

Products Affected

Vendor Product Version
email::address_module_project email::address 1.881
email::address_module_project email::address 1.882
email::address_module_project email::address 1.888
email::address_module_project email::address 1.887
email::address_module_project email::address 1.6
email::address_module_project email::address 1.890
email::address_module_project email::address 1.80
fedoraproject fedora *
email::address_module_project email::address 1.85
email::address_module_project email::address 1.883
email::address_module_project email::address 1.1
email::address_module_project email::address 1.885
email::address_module_project email::address 1.894
email::address_module_project email::address 1.891
email::address_module_project email::address 1.870
email::address_module_project email::address 1.893
email::address_module_project email::address 1.3
email::address_module_project email::address 1.895
email::address_module_project email::address 1.880
email::address_module_project email::address 1.886
email::address_module_project email::address 1.898
email::address_module_project email::address 1.896
email::address_module_project email::address 1.892
email::address_module_project email::address 1.901
email::address_module_project email::address 1.2
email::address_module_project email::address 1.5
email::address_module_project email::address 1.884
email::address_module_project email::address 1.900
email::address_module_project email::address 1.902
email::address_module_project email::address 1.903
email::address_module_project email::address 1.897
email::address_module_project email::address 1.871
email::address_module_project email::address 1.899
email::address_module_project email::address *
email::address_module_project email::address 1.7
email::address_module_project email::address 1.86
email::address_module_project email::address 1.889
CVE-2014-4720 MEDIUM

Email::Address module before 1.904 for Perl uses an inefficient regular expression, which allows remote attackers to cause a denial of service (CPU consumption) via vectors related to "backtracking into the phrase," a different vulnerability than CVE-2014-0477.

CVSS 2.0

Severity: MEDIUM

Problem Type: NVD-CWE-Other,

Products Affected

Vendor Product Version
email::address_module_project email::address 1.881
email::address_module_project email::address 1.882
email::address_module_project email::address 1.888
email::address_module_project email::address 1.887
email::address_module_project email::address 1.6
email::address_module_project email::address 1.890
email::address_module_project email::address 1.80
email::address_module_project email::address 1.85
email::address_module_project email::address 1.883
email::address_module_project email::address 1.1
email::address_module_project email::address 1.885
email::address_module_project email::address 1.894
email::address_module_project email::address 1.891
email::address_module_project email::address 1.870
email::address_module_project email::address 1.893
email::address_module_project email::address 1.3
email::address_module_project email::address 1.895
email::address_module_project email::address 1.880
email::address_module_project email::address 1.886
email::address_module_project email::address 1.898
email::address_module_project email::address 1.896
email::address_module_project email::address 1.892
email::address_module_project email::address 1.901
email::address_module_project email::address 1.2
email::address_module_project email::address 1.5
email::address_module_project email::address 1.884
email::address_module_project email::address 1.900
email::address_module_project email::address 1.902
email::address_module_project email::address 1.897
email::address_module_project email::address 1.871
email::address_module_project email::address 1.899
email::address_module_project email::address *
email::address_module_project email::address 1.7
email::address_module_project email::address 1.86
email::address_module_project email::address 1.889
CVE-2018-12558 MEDIUM

The parse() method in the Email::Address module through 1.909 for Perl is vulnerable to Algorithmic complexity on specially prepared input, leading to Denial of Service. Prepared special input that caused this problem contained 30 form-field characters ("\f").

CVSS 2.0

Severity: MEDIUM

Problem Type: CWE-407,

Products Affected

Vendor Product Version
email::address_module_project email::address *